authorMatt Caswell <matt@openssl.org>2018-09-07 15:17:34 +0100
committerMatt Caswell <matt@openssl.org>2018-09-07 18:24:59 +0100
commitf01344cb5c6239af0d406f48d65362d0df9627b5 (patch)
tree54f51286ca17243df77c04cc82cb3ad5222a0228 /ssl/ssl_lib.c
parent328a0547ad61d9e260fca73a280d2288714f2b92 (diff)
Do not reset SNI data in SSL_do_handshake()
PR #3783 introduced code to reset the server-side SNI state in SSL_do_handshake() to ensure any erroneous config-time SNI changes are cleared. Unfortunately SSL_do_handshake() can be called multiple times mid-handshake, so this is the wrong place to do this: it can mean that any SNI data is cleared later on in the handshake too. Therefore move the code to a more appropriate place. Fixes #7014 Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/7149)
Diffstat (limited to 'ssl/ssl_lib.c')
-rw-r--r--ssl/ssl_lib.c6
1 files changed, 0 insertions, 6 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 3d25da637d..d75158e30c 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -3559,12 +3559,6 @@ int SSL_do_handshake(SSL *s)
s->method->ssl_renegotiate_check(s, 0);
- if (SSL_is_server(s)) {
- /* clear SNI settings at server-side */
- OPENSSL_free(s->ext.hostname);
- s->ext.hostname = NULL;
- }
-
if (SSL_in_init(s) || SSL_in_before(s)) {
if ((s->mode & SSL_MODE_ASYNC) && ASYNC_get_current_job() == NULL) {
struct ssl_async_args args;